| 3.1 Set a nondeterministic Shutdown command value | CIS Apache Tomcat 10.1 v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 3.1 Set a nondeterministic Shutdown command value | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 3.1 Set a nondeterministic Shutdown command value | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.1 Ensure All Default Passwords Are Changed | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 4.1 Ensure All Default Passwords Are Changed | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 4.2 Ensure All Sample Data And Users Have Been Removed | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.2 Ensure All Sample Data And Users Have Been Removed | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1 Ensure Options for the OS Root Directory Are Restricted | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL |
| 5.2 Ensure Options for the Web Root Directory Are Restricted | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL |
| 5.2.10 Minimize access to privileged Security Context Constraints | CIS RedHat OpenShift Container Platform v1.6.0 L2 | OpenShift | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure Options for Other Directories Are Minimized | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL |
| 5.3 Ensure Options for Other Directories Are Minimized | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL |
| 5.6 Ensure the Default CGI Content test-cgi Script Is Removed | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.6 Ensure the Default CGI Content test-cgi Script Is Removed | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.8 Ensure the HTTP TRACE Method Is Disabled | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.8 Ensure the HTTP TRACE Method Is Disabled | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 7 v1.1.0 L2 MongoDB | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 7 v1.1.0 L2 MongoDB | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 6.6.5 Ensure all Custom Login Classes Forbid Shell Access | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL |
| 6.10.3.2 Ensure XNM-SSL Connection Limit is Set | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.10.3.3 Ensure XNM-SSL Rate Limit is Set | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.10.4.1 Ensure NETCONF Rate Limit is Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.10.4.2 Ensure NETCONF Connection Limit is Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.10.5.10 Ensure REST Service Address is Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 9.4 Ensure 'super_priv' Is Not Set to 'Y' for Replication Users | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 9.4 Ensure 'super_priv' is Not Set to 'Y' for Replication Users | CIS MySQL 8.0 Community Database L1 v1.0.0 | MySQLDB | ACCESS CONTROL |
| 9.4 Ensure 'super_priv' Is Not Set to 'Y' for Replication Users | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 10.2 Restrict access to the web administration application | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 10.2 Restrict access to the web administration application | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 10.2 Restrict access to the web administration application | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 10.2 Restrict access to the web administration application | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL |
| 10.3 Restrict manager application | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 10.3 Restrict manager application | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | ACCESS CONTROL |
| 10.13 Do not run applications as privileged | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 10.13 Do not run applications as privileged | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 10.14 Do not allow cross context requests | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 10.14 Do not allow cross context requests | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 10.14 Do not allow cross context requests | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 10.14 Do not allow cross context requests | CIS Apache Tomcat 10.1 v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 10.14 Do not allow cross context requests | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
